CVE-2026-13582

The CVE concerns the Edimax EW-7478APC (firmware 1.04) where the POST request handler’s /goform/formUSBAccount function manipulates the UserName/Password arguments, causing a buffer overflow. This vulnerability enables remote execution with network access and was reported as exploitable in the wi...

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

CVE-2026-13564

Summary: CVE-2026-13564 affects Edimax EW-7478APC firmware 1.04, specifically the POST Request Handler’s formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, enabling remote attacker access. Public exploit reportedly exists and the vendor did not ...

EUVD-2026-40073

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2026-13561 Edimax EW-7478APC POST Request formiNICbasic os command injection

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...

PT-2026-53224

Name of the Vulnerable Software and Affected Versions Edimax EW-7478APC version 1.04 Description A remote buffer overflow exists in the POST Request Handler component. The issue occurs within the formUSBFolder function located in the /goform/formUSBFolder endpoint when processing the ShareName or...